Edge Case #2 - Protectli hardware
And we are back with a new post of our Edge Case series! We'll continue to explore some cool hardware that might run on the edge: this time, it's about Protectli Vault solutions.
Protectli Vault
First, about the company behind it, Protectli:
Protectli is dedicated to providing reliable, cost effective, and secure computer equipment that doesn’t lock you into proprietary vendors and expensive contracts.
Sounds completely familiar to us ;) They have stores around the globe and operating in the US (where the hardware is designed and assembled).
"Vault" is the name of their product, from 2 to 6 ports:
They sent a very nice unit to us, in order to certify/test it. Spoiler alert: it works well!
Hardware overview
We got a FW6 Series, you can have more hardware details on their website. It's entirely fanless, which is great for edge computing (no moving parts).
Specs on the beast they sent: Core i5 7200U with 64GiB RAM (!!), 2x SSDs (2TiB and 1TiB) and 6x1G ports. It's more than enough to run a lot of VMs, even with this low size and power usage.
We've measured between 10W and 15W depending on the load on the machine, which is pretty low regarding the density you can achieve on it.
Coreboot: transparency and auditability
One of the main feat of those "Vaults" are the fact they are running on top of CoreBoot. It's fast and designed to be secure by default. And it's also fully Open Source! Prtotectli is providing more details on this, so feel free to take a look here: https://protectli.com/coreboot/
XCP-ng and XOA support
Everything is working out of the box! On the technical side:
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 4
On-line CPU(s) list: 0-3
Thread(s) per core: 4
Core(s) per socket: 1
Socket(s): 1
Vendor ID: GenuineIntel
CPU family: 6
Model: 142
Model name: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Stepping: 9
CPU MHz: 2712.154
BogoMIPS: 5424.30
Hypervisor vendor: Xen
Virtualization type: para
L1d cache: 32K
L1i cache: 32K
L2 cache: 256K
L3 cache: 3072K
Flags: fpu de tsc msr pae mce cx8 apic sep mca cmov pat clflush acpi mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid pni pclmulqdq monitor est ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch cpuid_fault ssbd ibrs ibpb stibp fsgsbase bmi1 avx2 bmi2 erms rdseed adx clflushopt xsaveopt xsavec xgetbv1
We could create tons of VMs without any issues (here we got 15x large VMs running):
Want a pfSense VM? No problem, you can also assign a virtual NIC into each physical port!
Add-Ons
Prtectli is also providing add-ons, like a 4G LTE modem, but also an UPS adapted for it, which could be very helpful if you can't rely on stable power, even for hours:
Use cases
It's perfectly aligned with the previous use cases we already presented during previous articles:
- Provide some compute power and services to remote branches of a large organization
- Having capabilities to pre-filter/compute your data on the field before sending it to your "core" network/DC
- Serving various software close to the workforce on places where you need (construction site, boats etc.), without relying on any Internet connection, with the ability to save all data off the grid.
- Isolation and security appliances, thanks to the various NICs on the unit, plus CoreBoot to provide a fully transparent layer close to the metal.
Conclusion
Again, a big thanks to Protectli team for sending us a unit! It's one more partner in our growing ecosystem. It's nice to see XCP-ng/XO able to leverage those nice piece of hardware for all use cases you might need. If you have any question on this hardware, feel free to ask on our dedicated forum thread.
